From a9ff79e3210f362620c032371be42ca518ac46eb Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Mon, 2 Jul 2018 10:10:30 -0600 Subject: [PATCH] check return value --- src/ssl.c | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 8418693e6..bbc8158a4 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -17874,21 +17874,25 @@ WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get_chain(WOLFSSL_X509_STORE_CTX* ctx) WOLFSSL_X509* x509 = wolfSSL_get_chain_X509(c, c->count - 1); if (x509 != NULL) { WOLFSSL_X509* issuer = NULL; - wolfSSL_X509_STORE_CTX_get1_issuer(&issuer, ctx, x509); - - /* check that the certificate being looked up is not self signed - * and that a issuer was found */ - if (issuer != NULL && wolfSSL_X509_NAME_cmp(&x509->issuer, - &x509->subject) != 0) { - if (wolfSSL_sk_X509_push(sk, issuer) != SSL_SUCCESS) { - WOLFSSL_MSG("Unable to load CA x509 into stack"); - wolfSSL_sk_X509_free(sk); - wolfSSL_X509_free(issuer); - return NULL; + if (wolfSSL_X509_STORE_CTX_get1_issuer(&issuer, ctx, x509) + == WOLFSSL_SUCCESS) { + /* check that the certificate being looked up is not self + * signed and that a issuer was found */ + if (issuer != NULL && wolfSSL_X509_NAME_cmp(&x509->issuer, + &x509->subject) != 0) { + if (wolfSSL_sk_X509_push(sk, issuer) != SSL_SUCCESS) { + WOLFSSL_MSG("Unable to load CA x509 into stack"); + wolfSSL_sk_X509_free(sk); + wolfSSL_X509_free(issuer); + return NULL; + } + } + else { + WOLFSSL_MSG("Certificate is self signed"); } } else { - WOLFSSL_MSG("could not find CA for cert or is self signed"); + WOLFSSL_MSG("Could not find CA for certificate"); } } }